Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out. encoded key spec not recognized: Bad sequence size: 3

See original GitHub issue


I am trying to validate jwt token for azure ad. I have the public key as below:

val pubkey= "-----BEGIN CERTIFICATE-----\nMIIDBTCCAe2gAwIBAgIQZSAeaqWig4BHC1ksmNNcgjANBgkqhkiG9w0BAQsFADAtMSswKQYDVQQDEyJhY2NvdW50cy5hY2Nlc3Njb250cm9sLndpbmRvd3MubmV0MB4XDTE3MDUwNjAwMDAwMFoXDTE5MDUwNzAwMDAwMFowLTErMCkGA1UEAxMiYWNjb3VudHMuYWNjZXNzY29udHJvbC53aW5kb3dzLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJL7dVZkeJ8JDTPIzFNMJo9oEkvDc52zrdqWSOmex0E/3rBe1tfRmUe2O9l6NYuc10QzPaNxnkyIwa5698suNUPxGlEOwvm/h5oPeFcuxAWcgYYv5s589HWFrNjCF8EfOjZ4vU5oE1744EzxdmBiaGbeE8HDBXn1vK4owlcjawgQNF7KQ6LjSWr7xtARDF2IoKE4RYy0V0uVN4eAQ3zWRWWUt3cpYjTl34EZ9pO6CE8/If7noj75g0RYd/AHkIMdXBC4SlnNz+boLbba2ksIB+5z9jVILjvZwqx7i+k2filqZkVmasB/o2ChUFbdwg6c8DTOlyS/qB25dcfoCN2GF+cCAwEAAaMhMB8wHQYDVR0OBBYEFGKpXQNrF5IoxS6bL4F92+gxOJlIMA0GCSqGSIb3DQEBCwUAA4IBAQA3HgW5SoHlvvQVxqqi+mtscDZLhNfe13iG/nx8Er5il82b79RVydNs+f9sYxc4T4ctnrZu7x5e7jInJedNdAlrPorBdw+SfvKJsmiNndXugMew1FlcQTQVIFDCbziaJav8rKyMxPfeKkc1aixbajWZkKg6OPmmJn2ceTocbn8PMQy20xNvcWUwgF5FZZIuPqu6feOLJcUIYw+0JFZ265xka30QXpmytcIxajIzpD4PRdCIBuVSqgXacAs4t4+w+OhnosD72yvXck8M4GwX1j+vcuyw0yhDGNMmqsHWP7H3jnJiGDrKhhdVyplzDhTfv2Whbv/dIDn+meLE3yyC5yGL\n-----END CERTIFICATE-----" when I try to validate the token using Jwt.validate(token,pubkey, Seq(JwtAlgorithm.RS256)) I get the following stacktrace encoded key spec not recognized: Bad sequence size: 3
  at org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi.engineGeneratePublic(Unknown Source)
  at org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi.engineGeneratePublic(Unknown Source)
  at pdi.jwt.JwtUtils$.parsePublicKey(JwtUtils.scala:114)
  at pdi.jwt.JwtUtils$.verify(JwtUtils.scala:187)
  at pdi.jwt.JwtCore$$anonfun$validate$2.apply(Jwt.scala:654)
  at pdi.jwt.JwtCore$$anonfun$validate$2.apply(Jwt.scala:653)
  at pdi.jwt.JwtCore$class.validate(Jwt.scala:636)
  at pdi.jwt.Jwt$.validate(Jwt.scala:23)
  at pdi.jwt.JwtCore$class.validate(Jwt.scala:653)
  at pdi.jwt.Jwt$.validate(Jwt.scala:23)
  at pdi.jwt.JwtCore$class.validate(Jwt.scala:722)
  at pdi.jwt.Jwt$.validate(Jwt.scala:23)
  at pdi.jwt.JwtCore$class.validate(Jwt.scala:725)
  at pdi.jwt.Jwt$.validate(Jwt.scala:23)

Is there anything I am doing incorrectly?

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:9

github_iconTop GitHub Comments

kershnerdcommented, Jun 6, 2018

I need to know how to do this to. How do I convert my publicKey as a string to PublicKey?

camdezcommented, Aug 24, 2017

@yatharthsharma I was fighting this exact battle yesterday and never could figure out how to convert the string to a PublicKey; can you share any tips on that?

I eventually had to fall back to using the modulus and exponent to manually construct an RSAPublicKeySpec.

Read more comments on GitHub >

github_iconTop Results From Across the Web

InvalidKeySpecException: encoded key spec not recognised ...
I am trying to verify data with C generated keys in Java. How to convert byte array to private/public key? Security.addProvider(new org.
Read more > key spec not ...
On instance side there is logs like "disconnect from client side". It doesn't looks like problem with instance configuration (userdata or initscript), but...
Read more >
InvalidKeySpecException when parsing certificate
and throws the exception. But I'm sure the problem is in generateCertificate(). ... comes with Netscape.) ... key,
Read more > -
Method convertes the bytes arrays back to private and public key objects */ public static Key[] bytesToPrivatePublicKeys( String algorithm, ...
Read more >
Java.Security.Spec.Invalidkeyspecexception Error In Jar Not ... encoded key spec not recognized: Bad sequence size: 3 #63.Closed.yatharthsharma opened this issue on Jul 11.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found